COIT20263 Information Security Management
Assessment Item 3 – Written Assessment
The case at hand is a live case of a cyber security breach and fraud that took place in the organizational database. The risk management plan should cover data security in a broad sense, followed by comprehensive risk management in line with the following:
Restrict / Prohibit: A restriction that is designed to preclude damage to content that might be generated by an action that could actually happen.
Discover: An example of a feature that notifies the user in the event that anything goes awry.
Rectify / Revamp: A function that has the capacity to resolve any faults that have been identified.
Control: The action of avoiding or preventing anything that is undesirable.
A statement that outlines how an organisation will react in the case of an information exposure is called a security incident remediation strategy. It describes what defines a compromise of data protection and information protection, who is engaged in the strategy and their personal credentials, the procedures that should be taken in the event of a compromise, and the measures that should be taken after a contravention has occurred (Javaid, 2013). The manner in which your company reacts to the information compromise will determine both its short-term and long-term rate of restoration.
An emergency management strategy for a security compromise should, at a high level, incorporate the five phases that are listed below.
Practices in advance organising:
Conduct a threat appraisal and utilise access controls to classify what represents an infringement prior to actually composing the strategy (Nyre-Yu et al., 2019). This should include how something may be impacted, such as information, individuals, capabilities, and structures, as well as prospective advanced threat circumstances, such as threat actors, malware, and authorization fraud. Incorporate anything that might prompt the cyber incident reaction team to be activated.
Specify the emergency reaction groups and their representatives:
Make a description of the people who will make up the information attack recovery team, together with their roles and any relevant personal information (Van der Kleij et al., 2017).
Make a list of contacts:
Make a list of contacts, and on it, add the prerequisites for engaging governing bodies, such as who to approach and when.
Develop a correspondence strategy:
Develop a communications strategy that includes planned remarks for consumers, employees, and the public. This strategy needs to be malleable so that adjustments may be made according to the severity of the incident. It must also consider where and why announcements must be published (Rajivan & Cooke, 2017).
Carry out situation management:
Commence occurrence management when a cyber mishap investigation group is notified of an occurrence that fits the definition of a violation as indicated in step one (Tøndel et al., 2014).
The act of designing preventative and restoration measures to cope with possible cybersecurity hazards to a company, or to assure process continuation in the aftermath of a cyberattack, is the procedure known as “contingency management,” abbreviated as “BCP.” The strategic objective of a BCP is to guarantee that business operations will continue normally both before and during the implementation of emergency preparedness procedures (Soomro et al., 2016).
You, as the administrator of continuous improvement, have the chance to enlighten both the staff and the executive council for business continuation monitoring on the crucial part that cyberspace performs in contingency planning endeavors as a whole (Niemimaa, 2015). The perception that the IT division “owns” information technology protection is something that numerous companies have to resist. In point of fact, the whole of the company has a vested interest in the safety of its electronic information and infrastructure.
Be sure to include safe task or redundancies in your enterprise continuance strategy in order to guarantee the continued operation of IT-related processes. This will make it possible for constituents to acquire connectivity in the event that a platform or infrastructure fails (Flowerday & Tuyikeze, 2016). Also, don’t forget to do comprehensive testing on all alternative solutions. Last but not least, you should think about the extent to which the company is ready to rapidly and efficiently react to and engage with outside participants in the event of a system security crisis. In the event that there is a data compromise, you will be required to provide consumers, collaborators, the public, and any other relevant individuals with notifications and updates (Cerullo & Cerullo, 2004).
Cerullo, V., & Cerullo, M. J. (2004, June). Business Continuity Planning: A Comprehensive Approach. Information Systems Management, 21(3), 70–78. https://doi.org/10.1201/1078/444184.108.40.20640601/82480.11
Flowerday, S. V., & Tuyikeze, T. (2016, August). Information security policy development and implementation: The what, how and who. Computers & Security, 61, 169–183. https://doi.org/10.1016/j.cose.2016.06.002
Javaid, M. A. (2013). Incident Response Planning for Data Protection. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.2391677
Niemimaa, M. (2015). Interdisciplinary Review of Business Continuity from an Information Systems Perspective: Toward an Integrative Framework. Communications of the Association for Information Systems, 37. https://doi.org/10.17705/1cais.03704
Nyre-Yu, M., Gutzwiller, R. S., & Caldwell, B. S. (2019, November). Observing Cyber Security Incident Response: Qualitative Themes From Field Research. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 63(1), 437–441. https://doi.org/10.1177/1071181319631016
Rajivan, P., & Cooke, N. (2017). Impact of Team Collaboration on Cybersecurity Situational Awareness. Theory and Models for Cyber Situation Awareness, 203–226. https://doi.org/10.1007/978-3-319-61152-5_8
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016, April). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), 215–225. https://doi.org/10.1016/j.ijinfomgt.2015.11.009
Tøndel, I. A., Line, M. B., & Jaatun, M. G. (2014, September). Information security incident management: Current practice as reported in the literature. Computers & Security, 45, 42–57. https://doi.org/10.1016/j.cose.2014.05.003
Van der Kleij, R., Kleinhuis, G., & Young, H. (2017, December 12). Computer Security Incident Response Team Effectiveness: A Needs Assessment. Frontiers in Psychology, 8. https://doi.org/10.3389/fpsyg.2017.02179